CVE-2002-0029

CVSS 7.5 - HIGH
Description

Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.

Affected Products
18
Vendor Product Version
isc bind 4.9.2
isc bind 4.9.3
isc bind 4.9.4
isc bind 4.9.5
isc bind 4.9.6
isc bind 4.9.7
isc bind 4.9.8
isc bind 4.9.9
isc bind 4.9.10
astaro security_linux 2.0.23
astaro security_linux 2.0.24
astaro security_linux 2.0.25
astaro security_linux 2.0.26
astaro security_linux 2.0.27
astaro security_linux 2.0.30
astaro security_linux 3.2.0
astaro security_linux 3.2.10
astaro security_linux 3.2.11
References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisorie...
ftp://patches.sgi.com/support/free/security/adviso...
http://lists.apple.com/archives/Security-announce/...
http://www.cert.org/advisories/CA-2002-31.html
http://www.isc.org/products/BIND/bind-security.htm...
http://www.iss.net/security_center/static/10624.ph...
http://www.kb.cert.org/vuls/id/844360
http://www.securityfocus.com/bid/6186
ftp://ftp.netbsd.org/pub/NetBSD/security/advisorie...
ftp://patches.sgi.com/support/free/security/adviso...
http://lists.apple.com/archives/Security-announce/...
http://www.cert.org/advisories/CA-2002-31.html
http://www.isc.org/products/BIND/bind-security.htm...
http://www.iss.net/security_center/static/10624.ph...
http://www.kb.cert.org/vuls/id/844360
http://www.securityfocus.com/bid/6186
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2002-0029
Published:
2002-11-29
Modified:
2026-04-16
CVSS Score:
7.5
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
astaro isc
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL